<?php

/*
 * Copyright (c) Madbit 2012. All Rights Reserved.
 * Reproduction in whole or in part is prohibited without the
 * written consent of the copyright owner.
 * 
 * 
 * Description of LoginController
 *
 * @author Alessio Fiore
 */

class FileController {

    public function createFile($idc, $title, $file) {

        include_once '../utils/includer.php';
        includeFileOnce("utils/directories.php");
        includeFileOnce("utils/redirect.php");
        includeFileOnce("protected/database/MySqlDAO.php");
        includeFileOnce("protected/messages/it/messages.php");
        includeFileOnce("protected/utils/FileSystemUtils.php");
        includeFileOnce("utils/mimeTypes.php");

        $messages = getBundleMessages();

        $mySqlDAO = new MySqlDAO();

        if (!empty($idc)) {
            if (!empty($title) && $file['size'] > 0) {

                $response = array();

                $fileName = $file['name'];
                $tmpName = $file['tmp_name'];
                $fileSize = $file['size'];
                $fileType = $file['type'];

                $fsUtils = new FileSystemUtils();
                $maxFileSize = $fsUtils->getMaxFileSize();
                $maxFileSizeMB = $maxFileSize / 1048576;

                /* check file size */
                if ($fileSize > $maxFileSize) {
                    $response['status'] = "FAILURE";
                    $response['message'] = $messages['createfile.filesize_exceed'] . $maxFileSizeMB . "MB.<br>";
                    return $response;
                    /* check file format */
                } else if (!isSupportedFormat(pathinfo($fileName, PATHINFO_EXTENSION))) {
                    $response['status'] = "FAILURE";
                    $response['message'] = $messages['createfile.format_not_supported'];
                    return $response;
                } else {
                    if (!get_magic_quotes_gpc())
                        $fileName = addslashes($fileName);

                    $idfres = $mySqlDAO->checkFileTitle($idc, $title);
                    $existTitle = $mySqlDAO->checkFileExist($idc, $fileName);

                    /* Check if title is already used */
                    if (!empty($idfres)) {
                        $response['status'] = "FAILURE";
                        $response['message'] = $messages['createfile.name_already_used'];
                        return $response;
                    }
                    /* Check id file is already uploaded */ else if (!empty($existTitle)) {
                        $response['status'] = "FAILURE";
                        $response['message'] = sprintf($messages['createfile.file_already_exists'], $fileName, $existTitle);
                        return $response;
                    } else {
                        $target_path = getRootDir() . $mySqlDAO->getCategoryPath($idc);
                        $path = $target_path . DIRECTORY_SEPARATOR . $fileName;
                        $dbPath = $mySqlDAO->getCategoryPath($idc);

                        if (@is_uploaded_file($tmpName)) {

                            @move_uploaded_file($tmpName, $path)
                                    or die($messages['createfile.error2']);


                            $res = $mySqlDAO->createFile($title, $dbPath, $fileName, $fileSize, $fileType, $idc);
                            if (!empty($res)) { // Query OK
                                redirect("index.php?idc=$idc", FALSE);
                            } else {
                                unlink($path);
                                $response['status'] = "FAILURE";
                                $response['message'] = $messages['createfile.upload_error'];
                                return $response;
                            }
                        } else
                            $response['status'] = "FAILURE";
                        $response['message'] = $messages['createfile.error3'];
                        return $response;
                    }
                }
            } else {
                $response['status'] = "FAILURE";
                $response['message'] = $messages['createfile.missing_data'];
                return $response;
            }
        } else {
            die($messages['admin.missed_parentdir']);
        }
    }

    public function modifyFile($idf, $parent_dir, $title, $file) {

        include_once '../utils/includer.php';
        includeFileOnce("utils/directories.php");
        includeFileOnce("utils/redirect.php");
        includeFileOnce("protected/database/MySqlDAO.php");
        includeFileOnce("protected/messages/it/messages.php");
        includeFileOnce("utils/mimeTypes.php");

        $messages = getBundleMessages();

        include_once($_SERVER["DOCUMENT_ROOT"] . "/web-doc/protected/database/MySqlDAO.php");
        include_once($_SERVER["DOCUMENT_ROOT"] . "/web-doc/utils/redirect.php");
        include_once($_SERVER["DOCUMENT_ROOT"] . "/web-doc/utils/directories.php");
        include_once($_SERVER["DOCUMENT_ROOT"] . "/web-doc/protected/messages/it/messages.php");

        $mySqlDAO = new MySqlDAO($parent_dir, $title, $file);

        if ($parent_dir) {
            if (!empty($title)) {

                $response = array();

                /* Check if title is already used */
                $idfres = $mySqlDAO->checkFileTitle($parent_dir, $title);
                if (!empty($idfres) && $idf != $idfres) {
                    $response['status'] = "FAILURE";
                    $response['message'] = $messages['createfile.name_already_used'];
                    return $response;
                } else {
                    if ($file['size'] > 0) {

                        $fileName = $file['name'];
                        $tmpName = $file['tmp_name'];
                        $fileSize = $file['size'];
                        $fileType = $file['type'];


                        $fsUtils = new FileSystemUtils();
                        $maxFileSize = $fsUtils->getMaxFileSize();
                        $maxFileSizeMB = $maxFileSize / 1048576;

                        /* check file size */
                        if ($fileSize > $maxFileSize) {
                            $response['status'] = "FAILURE";
                            $response['message'] = $messages['createfile.filesize_exceed'] . $maxFileSizeMB . "MB.<br>";
                            return $response;
                            /* check file format */
                        } else if (!isSupportedFormat(pathinfo($fileName, PATHINFO_EXTENSION))) {
                            $response['status'] = "FAILURE";
                            $response['message'] = $messages['createfile.format_not_supported'];
                            return $response;
                        } else {
                            if (!get_magic_quotes_gpc())
                                $fileName = addslashes($fileName);

                            /* Check if file is already uploaded */
                            $existTitle = $mySqlDAO->checkFileExist($parent_dir, $fileName);
                            if (!empty($existTitle)) {
                                $response['status'] = "FAILURE";
                                $response['message'] = $messages['createfile.file_already_exists'];
                                return $response;
                            } else {

                                $dbPath = $mySqlDAO->getFilePath($idf);
                                $oldname = $mySqlDAO->getFileName($idf);
                                $oldPath = getRootDir() . $dbPath . $oldname;
                                $newPath = getRootDir() . $dbPath . $fileName;

                                if (@is_uploaded_file($tmpName)) {

                                    @move_uploaded_file($tmpName, $newPath)
                                            or die($messages['createfile.error2']);

                                    unlink($oldPath) or die("ERROR: Cannot delete file " . $oldPath);
                                } else
                                    die($messages['createfile.upload_error']);

                                $mySqlDAO->modifyFile($idf, $title, $dbPath, $fileName, $fileSize, $fileType, $parent_dir);
                                redirect("index.php?idc=$parent_dir", FALSE);
                            }
                        }
                    }
                    /* update only the title */
                    else {
                        $mySqlDAO->modifyFile($idf, $title, NULL, NULL, NULL, NULL, NULL);
                        redirect("index.php?idc=$parent_dir", FALSE);
                    }
                }
            } else {
                $response['status'] = "FAILURE";
                $response['message'] = $messages['createfile.missing_data'];
                return $response;
            }
        } else {
            die($messages['admin.missed_parentdir']);
        }
    }

}

?>
